package com.cskaoyan.config.shiro;

import com.cskaoyan.bean.MarketAdmin;
import com.cskaoyan.bean.MarketAdminExample;
import com.cskaoyan.mapper.MarketAdminMapper;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.autoconfigure.kafka.KafkaProperties;
import org.springframework.stereotype.Component;

import java.util.Arrays;
import java.util.List;

/**
 * @author stone
 * @date 2022/06/06 11:45
 */
@Component
public class CustomRealm extends AuthorizingRealm {

    @Autowired
    MarketAdminMapper adminMapper;

    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
        // 根据subject.login传入的authenticationToken获得认证信息
        // 根据token中传入的username来查询该用户在系统中正确的密码（Credentials）
        String type = ((MallToken) authenticationToken).getType();
        String username = (String) authenticationToken.getPrincipal();
        // 能否从数据库里查出该用户名所对应的密码呢

        if ("admin".equals(type)) {
            // admin的credentials的查询
        }else {
            // wx的credentials的查询
        }
        if (authenticationToken instanceof AdminToken) {

        } else if (authenticationToken instanceof WxToken) {

        }
        MarketAdminExample example = new MarketAdminExample();
        example.createCriteria().andUsernameEqualTo(username);
        List<MarketAdmin> marketAdmins = adminMapper.selectByExample(example);
        if (marketAdmins != null && marketAdmins.size() == 1) {
            MarketAdmin marketAdmin = marketAdmins.get(0);
            String credentials = marketAdmin.getPassword(); // 正确的密码
            // 第一个参数：principal信息 → 放入啥信息都行，取决于开发人员 → 你放入的是什么信息，你取出的就是什么信息
            return new SimpleAuthenticationInfo(marketAdmin, credentials, this.getName());
        }

        return null;
    }

    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        // 获得principal信息 → 根据principal信息获得对应的权限信息
        // 上面的doGetAuthorizationInfo中的第一个参数
        MarketAdmin primaryPrincipal = (MarketAdmin) principalCollection.getPrimaryPrincipal();

        // 根据marketAdmin查询它对应的权限
        // 拿到用户信息，可以获得role角色信息，根据角色信息，拿到权限信息
        List<String> permissions = getPermissionsByAdminId();

        SimpleAuthorizationInfo simpleAuthorizationInfo = new SimpleAuthorizationInfo();
        simpleAuthorizationInfo.addStringPermissions(permissions);
        return simpleAuthorizationInfo;
    }

    public List<String> getPermissionsByAdminId() {
        // 应该来源于数据库
        return Arrays.asList("admin:user:list");
    }

}
